<%@ page language="java" contentType="text/html; charset=utf-8"
         pageEncoding="utf-8"
         import="java.sql.*,util.dbConnection"
%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
    <title>dbConnection公共类</title>
</head>
<body>
<%
    request.setCharacterEncoding("utf-8");
    String User = request.getParameter("username");     //得到登录用户名
    String Pwd = request.getParameter("password");       //得到登录密码
    Connection conn = null;
    Statement stmt = null;
    ResultSet rs = null;
    String url = "jdbc:mysql://localhost:3306/newsdb?useUnicode=true&characterEncoding=utf-8&serverTimezone=GMT%2B8";
//1加载JDBC驱动      加
    try {
//2建立与数据库的连接    连
         conn=dbConnection.getConnection();

//3创建操作数据库SQL的Statement对象      预
    String sql = "select password from users where username='" + User + "'";

//4执行SQL语句，并分析执行结果             执

     rs =dbConnection.executeQuery(sql);
    if (rs.next())   //判断数据库是否存在此用户
    { //判断用户输入密码是否正确
        if (Pwd.equals(rs.getString(1))) {
            session.setAttribute("username", User);
            //重定向跳转到main.jsp页面
            response.sendRedirect("main.jsp");
        } else {
            out.println("<script LANGUAGE='javascript'>alert('密码错误!!');history.go(-1);</script>");
        }
    } else {
        out.println("<script LANGUAGE='javascript'>alert('用户名错误!!');history.go(-1);</script>");
    }
    } catch (Exception e) {
        e.printStackTrace();
    }finally {
//5关闭连接，释放资源       释

    dbConnection.close();
    }
%>
</body>
</html>